win7事件查看器事件id
The Event Viewer allows you to diagnose system and application problems in Windows. It has been enhanced in Windows 7; however, it still does not provide much information about the events in the interface.
使用事件查看器可以诊断Windows中的系统和应用程序问题。 Windows 7已对其进行了增强。 但是,它仍然没有提供有关接口事件的太多信息。
You can find out more information about an event by looking up its Event ID in a database containing a list of Event IDs and their descriptions. When using the default Windows Event Viewer, you would have to search for the Event ID on the internet to try to find more information about it.
您可以通过在包含事件ID及其说明列表的数据库中查找事件ID来找到有关事件的更多信息。 使用默认的Windows事件查看器时,您将必须在Internet上搜索事件ID才能查找有关它的更多信息。
We found a tool that is free for personal use, called Event Log Explorer, that is a replacement for the default Windows Event Viewer. It displays the same amount of information as the Event Viewer, but it provides a quick and easy method for looking up Event IDs on the internet. A simple right-click on an event allows you to look up the Event ID in the EventID.Net database or the Microsoft Knowledge Base.
我们找到了一个免费的个人使用工具,称为“事件日志资源管理器”,该工具替代了默认的Windows事件查看器。 它显示与事件查看器相同的信息量,但是它提供了一种快速简便的方法来在Internet上查找事件ID。 只需在事件上单击鼠标右键,便可以在EventID.Net数据库或Microsoft知识库中查找事件ID。
To install Event Log Explorer, extract the .zip file and double-click the .exe file. Follow the instructions in the setup wizard.
要安装事件日志资源管理器,请解压缩.zip文件,然后双击.exe文件。 请按照安装向导中的说明进行操作。
If you didn’t choose to launch Event Log Explorer at the end of the setup wizard, start the program from the desktop or the start menu.
如果未选择在安装向导的末尾启动“事件日志资源管理器”,请从桌面或开始菜单启动程序。
If the User Account Control dialog box displays, click Yes to continue.
如果显示“用户帐户控制”对话框,请单击“是”继续。
NOTE: You may not see this dialog box, depending on your User Account Control settings.
注意:根据您的“ 用户帐户控制”设置 ,您可能看不到此对话框。
A dialog box displays saying you are running in evaluation mode. The evaluation expires 30 days after you install it; however, you can get a free license key. Click the Get FREE License Now link.
将显示一个对话框,说明您正在评估模式下运行。 该评估版在安装后30天到期; 但是,您可以获得免费的许可证密钥。 单击立即获取免费许可证链接。
A web page opens in your default browser. Fill out the form to receive your free license key. Once you see a web page containing the seven-line key, select the seven lines between, but not including, the BEGIN KEY and END KEY lines and copy them.
在您的默认浏览器中将打开一个网页。 填写表格以获取免费的许可证密钥。 一旦看到包含七行键的网页,请选择BEGIN KEY和END KEY行之间的七行,但不包括它们,然后复制它们。
To enter the license key before starting the program, go back to the Event Log Explorer dialog box. Select the Enter license key radio button and click OK.
要在启动程序之前输入许可证密钥,请返回“事件日志浏览器”对话框。 选择输入许可证密钥单选按钮,然后单击确定。
On the Registration Key dialog box, paste the copied key into the edit box and click OK.
在“注册密钥”对话框中,将复制的密钥粘贴到编辑框中,然后单击“确定”。
The following dialog box displays, even if the program is not open. Click OK to close it.
即使未打开程序,也会显示以下对话框。 单击确定将其关闭。
If you didn’t select to enter the license key before starting the program, you can do so within the program by selecting Enter registration key from the Help menu.
如果在启动程序之前未选择输入许可证密钥,则可以在程序内通过从“帮助”菜单中选择“输入注册密钥”来进行输入。
When Event Log Explorer opens, click the plus sign next to the item in the Computer Tree to expand the list.
当事件日志资源管理器打开时,单击“计算机树”中该项目旁边的加号以展开列表。
There are two methods for viewing multiple event logs, tabs and multiple document interface (MDI). To change the view, select Preferences from the File menu.
有两种查看多个事件日志的方法,选项卡和多个文档界面(MDI)。 若要更改视图,请从“文件”菜单中选择“首选项”。
On the Preferences dialog box, make sure General is selected in the tree on the left. Select Multiple document interface or Tabbed document interface in the User interface box. Click OK to save your changes.
在“首选项”对话框中,确保在左侧的树中选择了“常规”。 在用户界面框中选择多文档界面或选项卡式文档界面。 单击确定保存更改。
The Multiple document interface looks like the following image. Each document is a separate window within the application.
多重文档界面如下图所示。 每个文档是应用程序内的单独窗口。
You can also choose whether to open a log by single-clicking or double-clicking on it by selecting an option on the General screen on the Preferences dialog box.
您还可以通过在“首选项”对话框的“常规”屏幕上选择一个选项来选择是通过单击还是双击来打开日志。
One of the most useful features of Event Log Explorer that makes it more useful than the default Windows Event Log Viewer is the ability to easily look up event IDs in two different databases online. To do this, right-click on an event in the right pane and select Lookup in Knowledge Bases from the popup menu. Two options display on a submenu. Select an option depending on whether you want to look up the event ID in the EventID.Net database or the Microsoft Knowledge Base.
与默认的Windows Event Log Viewer相比,Event Log Explorer最有用的功能之一就是能够轻松地在线查找两个不同数据库中的事件ID。 为此,请右键单击右窗格中的事件,然后从弹出菜单中选择“在知识库中查找”。 子菜单上显示两个选项。 根据要在EventID.Net数据库还是Microsoft知识库中查找事件ID,选择一个选项。
For example, the following image shows Event ID 1000 displayed on the EventID.Net website.
例如,下图显示了EventID.Net网站上显示的事件ID 1000。
You can also filter the logs. To do this, click Filter on the toolbar.
您还可以过滤日志。 为此,请单击工具栏上的“筛选器”。
NOTE: You can also select Filter from the View menu or press Ctrl + L.
注意:您也可以从“视图”菜单中选择“过滤器”或按Ctrl +L。
Use the Filter dialog box to specify which logs to apply the filter to and to select and enter your filter criteria. Click OK to accept your changes and view your filtered list on the Event Log Explorer main window.
使用“过滤器”对话框可以指定要应用过滤器的日志,并选择并输入过滤条件。 单击“确定”接受更改,然后在“事件日志资源管理器”主窗口中查看过滤的列表。
You can also backup event logs. To do this, select Save Log As | Save Event Log from the File menu. Enter a name for the backup file and select .evt or evtx as the file type. Use .evt for event log backup files you want to be able to open in Windows XP or earlier. The .evtx extension applies to event log backup files to be opened in Windows 7 or Vista.
您还可以备份事件日志。 为此,请选择“另存为” | 从文件菜单中保存事件日志。 输入备份文件的名称,然后选择.evt或evtx作为文件类型。 将.evt用于您希望能够在Windows XP或更早版本中打开的事件日志备份文件。 .evtx扩展名适用于要在Windows 7或Vista中打开的事件日志备份文件。
If you want to view event log information outside of the Event Log Explorer, you can export logs as other formats. To export the currently open log, select Export Log from the File menu.
如果要在事件日志资源管理器之外查看事件日志信息,则可以将日志导出为其他格式。 要导出当前打开的日志,请从“文件”菜单中选择“导出日志”。
The Export Log dialog box displays. Select the format for the exported log file from the Export to box and whether you want to export all or just selected events from the Export scope box. You can also specify to export event descriptions and data, if desired. To automatically close the Export Log dialog box when the export is finished, select the Close this dialog when export is done. Click Export to start the exporting process.
显示“导出日志”对话框。 从“导出到”框中选择导出日志文件的格式,然后从“导出范围”框中选择导出所有事件还是仅导出选定的事件。 如果需要,还可以指定导出事件描述和数据。 要在导出完成后自动关闭“导出日志”对话框,请选择“导出完成后关闭此对话框”。 单击导出开始导出过程。
If you want to view event logs from other computers accessible from your current computer, click Add Computer on the toolbar.
如果要从当前计算机可访问的其他计算机查看事件日志,请单击工具栏上的“添加计算机”。
NOTE: You can also select Add Computer from the Tree menu.
注意:您还可以从树菜单中选择添加计算机。
Select the Another computer option and use the … button to select a computer in your network. Enter a description, select a group, and click OK to connect to the computer.
选择另一台计算机选项,然后使用…按钮在网络中选择一台计算机。 输入描述,选择一个组,然后单击“确定”以连接到计算机。
To change properties for the currently selected event log, select Log Properties from the File menu.
若要更改当前所选事件日志的属性,请从“文件”菜单中选择“日志属性”。
NOTE: You can also right-click on an event log in the tree on the left and select Properties from the popup menu.
注意:您也可以右键单击左侧树中的事件日志,然后从弹出菜单中选择“属性”。
The Log Properties dialog box displays. The event log that these properties apply to displays on the title bar of the dialog box.
显示“日志属性”对话框。 这些属性适用的事件日志显示在对话框的标题栏上。
We have previously discussed how to change the maximum size for logs. You can do the same thing in Event Log Explorer. Enter a size in the Maximum log size edit box or use the arrows to select a size. The same three options are available for what to do when the maximum log size is reached. However, there is one extra option. You can have Event Log Explorer backup the log automatically when the maximum size is reached. For more information about automatically backing up log files, click the More info link to open the corresponding help topic. The help file describes where the files are saved and the file naming convention used.
前面我们讨论了如何更改日志的最大大小 。 您可以在事件日志资源管理器中执行相同的操作。 在“最大日志大小”编辑框中输入大小,或使用箭头选择大小。 当达到最大日志大小时,可以使用相同的三个选项进行操作。 但是,还有一个额外的选择。 当达到最大大小时,可以使事件日志资源管理器自动备份日志。 有关自动备份日志文件的更多信息,请单击“更多信息”链接以打开相应的帮助主题。 帮助文件描述了文件的保存位置以及使用的文件命名约定。
NOTE: Make sure you don’t let too many backed up log files collect too long, as they will take up a lot of space on your computer’s hard drive over time. Monitor the files and move them to another drive or delete them from time to time.
注意:确保不要让太多的备份日志文件收集的时间过长,因为随着时间的推移,它们会占用计算机硬盘驱动器上的大量空间。 监视文件并将它们移动到另一个驱动器或不时删除它们。
To close Event Log Explorer, select Exit from the File menu to close Event Log Explorer. The following dialog box displays making sure you really want to quit. If you don’t want to see this dialog box every time you close Event Log Explorer, select the Don’t ask me again check box. Click Yes to continue closing the program.
若要关闭事件日志资源管理器,请从“文件”菜单中选择“退出”以关闭事件日志资源管理器。 将显示以下对话框,确保您确实要退出。 如果不想每次关闭事件日志浏览器时都看到此对话框,请选中“不再询问我”复选框。 单击“是”继续关闭程序。
Event Log Explorer saves your workspace to a file so when you open the program the next time, the same tabs (or documents) open and other settings you have changed remain the same. If you made changes to the current workspace in Event Log Explorer, the following dialog box displays. If you haven’t saved your workspace yet, the file name is listed as Untitled.ELX. If you want to save your workspace changes, click Yes.
事件日志资源管理器将您的工作空间保存到文件中,因此当您下次打开该程序时,将打开相同的选项卡(或文档),并且您更改的其他设置保持不变。 如果您在“事件日志资源管理器”中对当前工作空间进行了更改,则会显示以下对话框。 如果尚未保存工作区,则文件名将列为Untitled.ELX。 如果要保存工作区更改,请单击“是”。
Again, the Don’t ask me again option is available. If you select that option for saving changes to your workspace, any changes you make while in Event Log Explorer next time are automatically saved.
同样,“不再询问我”选项可用。 如果选择该选项将更改保存到工作区,则下次在“事件日志资源管理器”中所做的任何更改都会自动保存。
If you selected to save your workspace changes, and this is the first time saving your workspace, the Save Workspace As dialog box displays. Navigate to a location where you want to save your workspace settings, enter a name for your workspace in the File name edit box, and click Save. You can have multiple workspaces in Event Log Explorer.
如果选择保存工作区更改,并且这是第一次保存工作区,则会显示“将工作区另存为”对话框。 导航到要保存工作空间设置的位置,在“文件名”编辑框中输入工作空间的名称,然后单击“保存”。 您可以在事件日志资源管理器中拥有多个工作空间。
Event Log Explorer is a useful tool to add to your software toolbox. The only limitation of the free version is that it does not allow you to connect to more than three computers. If that is not a problem for you, it should fulfill your needs.
事件日志资源管理器是添加到软件工具箱中的有用工具。 免费版本的唯一限制是它不允许您连接多于三台计算机。 如果这对您来说不是问题,那么它应该可以满足您的需求。
Download Event Log Explorer from http://www.eventlogxp.com/.
从http://www.eventlogxp.com/下载事件日志资源管理器。
翻译自: https://www.howtogeek.com/77645/look-up-event-ids-from-the-event-viewer-using-a-free-tool/
win7事件查看器事件id
1228
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
